Opened 6 years ago

Closed 6 years ago

#2175 closed defect (fixed)

NullPointerException when impersonating a user

Reported by: Nicklas Nordborg Owned by: everyone
Priority: major Milestone: BASE 3.15.1
Component: core Version:
Keywords: Cc:

Description 

java.lang.NullPointerException
...at Keyring.setRoleInactive(Keyring.java:802)
...at SessionControl.setRoleInactive(SessionControl.java:1692)
...at org.apache.jsp.login_jsp._jspService(login_jsp.java:260)
...at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
...

It doesn't happen for all users. It seems to be triggered only if the selected user has specified that some roles should not active after logging in.

Regular login works.

Change History (1)

comment:1 by Nicklas Nordborg, 6 years ago

Resolution: fixed
Status: newclosed

In 7705:

Fixes #2175: NullPointerException when impersonating a user

We need to make sure that the information about role membership is up to date when trying to inactivate a role.

The reason that it worked for regular logins was that a check for permissions to use the web client is made before roles are inactivated. The check triggered a re-load and the 'roles' variable was not null.

Note: See TracTickets for help on using tickets.